diff options
| author | David Benjamin <davidben@chromium.org> | 2014-08-31 10:23:49 +0400 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2014-09-03 03:41:34 +0400 |
| commit | 39ebf53dd34a553768277ee2e0a5c681b4ac6f9e (patch) | |
| tree | db22c3a5d8f59ff3551157a108e32ef6f9a199df /ssl/test | |
| parent | 120a674c003b2e5950d77415c464b5db20c43972 (diff) | |
Check the server did not use a TLS 1.2 cipher suite pre-TLS 1.2.
This check got refactored in OpenSSL 1.0.2 and broke in the process. Fix this
and add a test. Otherwise things like client auth can get slightly confused; it
will try to sign the MD5/SHA-1 hash, but the TLS 1.2 cipher suite may not use
SSL_HANDSHAKE_MAC_DEFAULT, so those digests won't be available.
Based on upstream's 226751ae4a1f3e00021c43399d7bb51a99c22c17.
Change-Id: I5b864d3a696f3187b849c53b872c24fb7df27924
Reviewed-on: https://boringssl-review.googlesource.com/1696
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/test')
| -rw-r--r-- | ssl/test/runner/common.go | 4 | ||||
| -rw-r--r-- | ssl/test/runner/handshake_server.go | 2 | ||||
| -rw-r--r-- | ssl/test/runner/runner.go | 12 |
3 files changed, 17 insertions, 1 deletions
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go index fa0e6d88..f22f95a0 100644 --- a/ssl/test/runner/common.go +++ b/ssl/test/runner/common.go @@ -445,6 +445,10 @@ type ProtocolBugs struct { // ClientKeyExchange message without the two-byte length // prefix, as if it were SSL3. SSL3RSAKeyExchange bool + + // SkipCipherVersionCheck causes the server to negotiate + // TLS 1.2 ciphers in earlier versions of TLS. + SkipCipherVersionCheck bool } func (c *Config) serverInit() { diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go index 855f9925..6d61fd55 100644 --- a/ssl/test/runner/handshake_server.go +++ b/ssl/test/runner/handshake_server.go @@ -832,7 +832,7 @@ func (c *Conn) tryCipherSuite(id uint16, supportedCipherSuites []uint16, version if (candidate.flags&suiteECDSA != 0) != ecdsaOk { continue } - if version < VersionTLS12 && candidate.flags&suiteTLS12 != 0 { + if !c.config.Bugs.SkipCipherVersionCheck && version < VersionTLS12 && candidate.flags&suiteTLS12 != 0 { continue } if c.isDTLS && candidate.flags&suiteNoDTLS != 0 { diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go index d238e8ac..93225925 100644 --- a/ssl/test/runner/runner.go +++ b/ssl/test/runner/runner.go @@ -483,6 +483,18 @@ var testCases = []testCase{ shouldFail: true, expectedError: ":HTTPS_PROXY_REQUEST:", }, + { + name: "SkipCipherVersionCheck", + config: Config{ + CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, + MaxVersion: VersionTLS11, + Bugs: ProtocolBugs{ + SkipCipherVersionCheck: true, + }, + }, + shouldFail: true, + expectedError: ":WRONG_CIPHER_RETURNED:", + }, } func doExchange(test *testCase, config *Config, conn net.Conn, messageLen int) error { |